Banking institutions are seeing a significant spike in multi-channel financial crimes. But Duncan Ash and Julio Gomez of Splunk say data and analytics can be key differentiators in the effort to protect sensitive financial data.
A majority of mobile finance apps lack the security controls and code hardening necessary to prevent applications from being compromised, according to recent analyst research. And relying on legacy methods - like network or perimeter protection that is incapable of detecting these kinds of attacks - can have dire...
CISA is warning that sophisticated hacking groups are chaining together vulnerabilities, such as the recent Zerologon bug and other flaws, to target state and local government networks. In some cases, attackers gained access to election support systems.
Microsoft has issued additional instructions on how to better implement a patch to fix an elevation of privilege vulnerability called Zerologon in Windows Server that affects the Netlogon Remote Protocol. The update comes as Cisco Talos researchers report a spike in attempts to exploit the flaw.
As the rate of software development accelerates, organizations are forced to adopt new practices and undergo cultural shifts. To succeed, application security (AppSec) must be integrated into every stage of the development pipeline - in other words, DevSecOps.
This requires the right mix of tools, people and...
Based on a survey of cybersecurity and application-development professionals conducted by Enterprise Strategy Group (ESG).
This report examines the dynamics between development teams and cybersecurity teams regarding the deployment and management of application security solutions.
Open source use isn't risky, but unmanaged use of open source is.
This paper provides insights and recommendations to help organizations and their development and IT teams better manage the open source risk landscape. It covers:
Open source license risk and the need to identify and catalog open source...
U.S. government agencies are supposed to have patched the "Zerologon" vulnerability by now, about six weeks after Microsoft issued a patch. But CISA warns that too many agencies' systems remain unpatched.
The U.S. Commerce Department is banning the downloading and hosting of China-based social media apps TikTok and WeChat effective on Sunday, citing national security concerns. The announcement comes as Oracle continues to negotiate a deal for partnering on TikTok's U.S. operations.
Organizations throughout España are seeing a change in the world of networking and security as they adopt cloud solutions and services. Private, on-premises data centers are no longer the place for data and workloads.
With these changes, security and networks come together more than ever. Businesses need speed,...
Independent bug hunters who find flaws in products and services often struggle to hand off their vulnerability report to someone in a position to get it fixed, says longtime security researcher Daniel Cuthbert. He describes steps organizations must take to be able to receive - and act on - bug reports.
According to analysts, adaptive authentication is at the top of the list of authentication investments for banks - and for good reason.
Download this white paper to learn how financial institutions are using this technology to drive growth and improve customer retention.
Learn how to:
Foster growth by building more...
In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
Pike13, a tech company that delivers cloud-based client management software, gives gyms and yoga studios a simple interface to handle daily administrative tasks. The all-in-one platform enables fitness providers to manage staff and clients, including payroll, scheduling and communications.
Pike13 is one of the...